Posted
by
msmash
on Monday March 20, 2017 @05:20PM
from the know-your-rights dept.

Thomas Claburn, reporting for The Register: The US Third Circuit Court of Appeals today upheld a lower court ruling of contempt against a chap who claimed he couldn't remember the password to decrypt his computer's hard drives. In so doing, the appeals court opted not to address a lower court's rejection of the defendant's argument that being forced to reveal his password violated his Fifth Amendment protection against self-incrimination. In the case under review, the US District Court for the Eastern District of Pennsylvania held the defendant (referred to in court documents as "John Doe" because his case is partially under seal) in contempt of court for willfully disobeying and resisting an order to decrypt external hard drives that had been attached to his Mac Pro computer. The defendant's computer, two external hard drives, an iPhone 5S, and an iPhone 6 Plus had been seized as part of a child pornography investigation.

Like the sticker note with the password on the bottom of the laptop.
"I don't know the pw, it's on the bottom of the laptop."
Police: "..." Unless of course they filmed the whole arrest and house visit.

And about the 'forgone conclusion' and the fact they aren't simply starting the trial based on the evidence that led to this conclusion:
I think it's quite possible that law enforcement told the judges, confidentially, that they already have hacked the disks using a secret back-door or other procedure, but

Possibly. That's the real question here, while I've read the case info provided in the article there's a bunch of things that are unclear until I get a chance to read the initial case. But, local police forces which is what this case is doesn't usually have the resources to backdoor things like this unless they're commonly known exploits. And if I remember the cases correctly, if they were seized as part of evidence in the original warrant and they were able to get the information off the drives without his co-operation it wouldn't matter anyway. Since it would have already proven that he was in possession of CP. So that doesn't really matter, in the rare cases where something like this happens they can seal part of the court case to protect the disclosure of things like that which would lead to the compromising of on-going investigations.

The real thing is is what you pointed out though, where the proof. There is none really. The prosecution states they have "known hashes" but that doesn't mean much beyond that. It's more likely that the sister saw actual CP, and that's it. That in itself leads weight to it, but it still doesn't mean too much without the actual evidence.

I wouldn't be surprised if this keeps moving through the court system, or their lawyer simply tells them to take the contempt charge which he'll likely serve on weekends and get on with his life. The contempt charge itself could be an entirely new ball of wax especially if it's contested which wouldn't surprise me. The lawyer(s) in question could make their career defining case off of it. Since then the court will have to prove that he knowingly engaged in contempt.

We don't need to mod you down. Just present facts. Not that I am a Trump supporter, but I can tell from how you write that you are unhinged due to rampant bias. It is affecting your mind. Specifically, but not limited to, your ability to process data, form correct opinions, and see facts as they are.

Case in point:

District Judge: Honorable L. Felipe Restrepo

He is an Obama appointee who made the original ruling and whose ruling the third circuit court of appeals upheld.

Please tell me how an Obama appointee is part of a vast right wing republican conspiracy to attack Americans.

Trump's travel bans ran into difficulty because Trump himself said that they were Muslim bans and targeted at Muslims. After the first one failed his staff started talking about how they could make minor, cosmetic changes that meant it was still a Muslim ban but addressed the very narrow point in law that the first ruling was based on. Naturally, the courts didn't fall for it, especially as all this was said in public.

Trump's executive orders keep failing because he is an idiot, surrounded by idiots, and none of them know how to run a government or write a legally sound executive order. Nothing to do with the judges' opinions of Trump, and everything to do with the fact that he basically argued the plaintiff's case for them outside the court so they could simply submit his speeches and tweets as their evidence.

I have never been to prison, but I was in jail, and I didn't think the experience was so bad. It was far better than what I expected from watching TV. Most people were polite and cooperative, and it was a great opportunity to practice my conversational Spanish. Even the guards were friendly. The only big downside was the food. I am a vegetarian, and most meals were baloney sandwiches. They also had peanut butter, but that got really monotonous.

It's the law, innocent until proven guilty. So the judge failed to prove the person did remember the password, hence the judge is in contempt of justice. In order to prosecute for failure to remember and state a password, the court must prove the defendant does remember it, otherwise they a just fucking guessing because that is what they want, a really horrific corruption of the justice system.

Think of the ramifications, the court claims you saw something with no evidence of proof of that claim, you say you did not and they imprison you until you say what they want you to say. You can not legally force memory, to force people to remember and just to be clear, how many you idiots got 100% on every exam you ever took, well, according to shit for brains judge, you put down the incorrect answer on purpose. Courts are not for fucking guessing, want to make a fucking claim, then fucking prove it.

If you show me an encrypted disk drive that was connected to my Mac, either I know the password, or it's stored in the keychain of the Mac so you can access it with the keychain password.

People who call me because they have forgotten the password of their own computer and who want me to reset it is not unusual. Do you think those people are lying and they only call me to hear my beautiful voice? Don't get me wrong, I'm pretty sure the guy remembers his password, but a justice system where someone can be put

I could see a case for contempt if it can be "proven" one is lying about forgetting the password, or has some other way to access the password; refusing to share it. I do not understand calling contempt for forgetting something.

Sounds like someone's never heard of asymmetric cryptography you can encrypt files without having the ability to decrypt them. Of course that's not usually the type of encryption used to secure entire drives.

Well someone, somewhere needs to have the ability to decrypt them. They're rather useless otherwise and you may as well just delete the files. And if you have a way to decrypt them at all, then they could easily extend this ruling of contempt to include any intermediate steps required.

The only way "I don't know how to decrypt them" really holds up even in a hypothetical is if you were using an asymmetric key to generate the encrypted files for an anonymous third party that you have no direct contact with, and they managed to get you at just the right time between purging your local copies and shipping off the encrypted ones.

And even then, you'd have to have some way to get the data to said third party which means a trail of some sort (albeit possibly a cold trail if it leads out of the country or something.)

Sadly your best bet in a situation like this is to appeal to the constitution.. somewhere between the 4th and 5th amendments in this case.. but even that's on shaky ground as the courts are still trying to figure out how (or even if) 200 year old laws should be applied to modern digital devices.

You need to create plausible deniability. Keep a broken USB flash drive around. When asked for the password, tell them you use a keyfile on the USB drive instead. Oh, too bad, they broke the flash drive, now there is no way to decrypt it any more.

asymmetric cryptography [with which] you can encrypt files without having the ability to decrypt them

Irrelevant.

Of course that's not usually the type of encryption used to secure entire drives.

Of course, it is not — and the judge is well aware of it. He had these large drives attached to your computer. They both agree, he accessed the data on them with a password. He claims, he no longer remembers the password — well, the judge happens to not believe him.

This is not a Constitutional question — the guy is not asked to testify against himself. What he is to say is not under oath and will not be used against him.

It is indeed a Constitutional question. He's accused of a crime, and he's being asked, er forced to aid the prosecution. What happened to his right to remain silent, his right against self-incrimination?

And yes, I do believe it is the goal of the prosecution to use any passwords he provides to find stuff that *will* be used against him. They are *demanding* that he aid their prosecution of him by divulging secrets... how is that not testifying against himself? Next, are they going to waterboard him for the passwords?

What is demanded of him is a key to the premises, for which a perfectly valid search-warrant has already been issued.

If they were demanding a physical key, he could refuse to tell them where that is too. That said, without that... they'll just knock down the door.

Also... has a search warrant been issued to search his brain?

This stinks to high heaven. I thought that it was already established by case law that you did not have to say anything to aid the prosecution in any way, that your right to remain silent was absolute in a criminal case?

No, but you can set your encryption to scramble the key if there are (X) false attempts. Or even to scramble if a certain password is entered instead of the real one. And, if you used reasonably secure encryption, once that is done, its toast. I cannot ever be decrypted with today's technology. And likely can never be decrypted, ever.

judge won't like it. Prosecution won't like it. But it is easy to prove that this is a fact.

...should be expected by anyone who wants to hide data from a force as significant enough as a sovereign entity. Indefinite jailing based on contempt of court sounds a lot like a gentler, longer version of rubber-hose.

Perhaps some type of expiry after 30-60 days of non-use for sensitive encrypted drives might protect against this, since there's no way the person could decrypt the drive after that threshold.

As a victim of a rubber hose attack by the American government I can offer some insight into how it works and how everyone looks at the issue wrong. The government usually gets it hands on you somehow and threatens you with some ridiculous mandatory minimum prison sentence. Its a somewhat civilized approach to the rubber hose attack.

You go hire a big buck attorney who starts to work on the case. Next thing you know the government is offering you immunity for whatever is on your computer in exchange for the passwords. Of course your attorney says give them the passwords and this thing will likely go away. You hand over the passwords and it goes away, the statute of limitations ticks off a few years later.

Now if you are the main target of their interest they will wait until they can nail you to the wall and do this step to anyone they think may be able to help.

A better approach would be to use a wifi accessible ssd hidden in a wall or elsewhere it wont be found. Most of the time they are in and out of your house in under a hour, it is very rare, without an informants telling them all of your opsec secrets that anything well hidden will be found.

Cops are humans, most humans are lazy and have mixed feelings about their job, remember that. Encrypted disks in the hands of the government should be treated as the starting point in negotiations.

.Perhaps some type of expiry after 30-60 days of non-use for sensitive encrypted drives might protect against this, since there's no way the person could decrypt the drive after that threshold.

You aren't imagining the defendant's computer in a nice neat room with his drives plugged in and a cop sitting at it trying to guess the password, are you?

No, the drives will have been imaged through a hardware device that blocks all attempts to write, and their work will be on their own computers running their forsensic software against the images of his drives, with his original drives safely in the evidence lockup.

And if criminals start using drives with custom firmware to foil this (they've already read the first GB sequentially? return gibberish and erase everything!), the cops will then be removing the control boards and subsituting their own before they do the imaging.

"Self destructing crypto" will just be something else for them to work around. It might foil the local police department, but if the FBI/NSA/CIA/etc. really wants your data, that's not going to foil them any more than straight strong crypto will.

>"upheld a lower court ruling of contempt against a chap who claimed he couldn't remember the password to decrypt his computer's hard drives"

I am not saying that is the case here, but what if a defendant really doesn't remember the password? Throw him in jail forever? Some devices don't need a key/password UNLESS they are disconnected or reset, and it is very plausible someone might have been using something for a long time without knowing.

>"upheld a lower court ruling of contempt against a chap who claimed he couldn't remember the password to decrypt his computer's hard drives"

I am not saying that is the case here, but what if a defendant really doesn't remember the password? Throw him in jail forever? Some devices don't need a key/password UNLESS they are disconnected or reset, and it is very plausible someone might have been using something for a long time without knowing.

Yeah. I don't know the pincode for my SIM-card, I only ever need it when the phone updates the operating system, and it is separate from the code used to lock the phone. So if my phone is powered down, I have no way of unlocking it without traveling back to my home country out of US reach to get the printed copy of the pincode.

All the responses to you so far have bragged about Androids... And make no mistake, I use both Android and iOS and am by *no* stretch of the imagination an Apple fanboy...

But...

I have owned my current iPhone for roughly 3 years. And in that time, I have rebooted it exactly once, for an OS upgrade. I force-shut it down one other time only because I was in the middle of nowhere, basically lost, and wanted to save the last 5% of battery for a 911 call if it became necessary.

What if it isn't even actually encrypted? "I see a lot of files on here that aren't.mp3,.jpg or.gif files, they have weird extensions like.class. They're obviously encrypted, decrypt them and show us the illegal stuff they're encrypted as!"

Presumably by the time the courts are ordering decryption, the computer has gone through forensics by actual computer forensics people.

Your possibility might apply to the cop who's beating down your door and just trying to get a quick takedown but if you refuse that initial step it will go to people who know what they're doing long before it goes to a judge.

what if a defendant really doesn't remember the password? Throw him in jail forever?

Sure. Why not? The criteria is "reasonable doubt" not "certainty". In practice, the standard for "reasonable doubt" is not very high. When DNA evidence first became valid in court, the Innocence Project reviewed thousands of old cases, and determined that about 10% of them could not possibly have committed the crimes for which they were convicted. One case overturned was the Central Park Five, which EVERYONE, including our president [nytimes.com], was absolutely certain were guilty. There are many, many other cases with no DNA evidence, but there is no reason to believe the false conviction rate is any lower for those.

So if 90% certainly is good enough to lock up some poor black kids for life, why isn't it good enough for a rich white guy with a Macbook Pro?

While I'm sure there's no shortage of racism involved in that particular distinction, there could also be very valid reasons.. specifically witness testimony.

Chances are you can find someone who will claim they witnessed an assault or saw some kid selling drugs or whatever.. possibly not accurate testimony since its been shown time and again that peoples' memories aren't terribly reliable in stressful situations, never mind the possibility of outright deceit. But you can often find someone to step forward.

How about we work on improving justice for all without regard to socioeconomic status or race.

Sure. But if we fix it only for the rich white guys, then they no longer have any motivation to fix the system for others, and it is they that are empowered to do so. We should indeed fix it for everyone. But we need to start at the bottom.

This question actually did come up in this case, as at one point the defendant claimed to have forgotten the passwords. However, the defendant undermined himself by at another time refusing to provide the passwords by which he proved that he did have them.

This amounts to "We know you're guilty even though we can't prove it so we're not going to bother with proof", and worse, they're using that to apply a potentially unlimited sentence.

Just because the guy is accused of having a child porn collection doesn't mean the niceties of law shouldn't apply.

I'm actually not so much for the right against self-incrimination, but I am very much for the right to a fair trial based on evidence and not what people 'know'. I'm also very much on finite sentences proportional to the needs of protecting society, punishing enough to scare the next guy, and attempting to reform the convicted if possible... but there shouldn't be a sentence at all without a just conviction.

Just because the guy is accused of having a child porn collection doesn't mean the niceties of law shouldn't apply

Does the law distinguish between having, distributing or making these images? I consider those very different crimes.Also, since they know he visited the sites and downloaded *somethings*, they can nail him just for that crime and waive or suspend the contempt charge if he agrees to forfeit possession of the hard drives.

The power is ultimately in the owner's hands. Consider: Even under torture, access is technically only granted when the owner says. And so, like warrant canaries, this power will simply rearrange itself until it's out of reach again, until untouchable by infantile laws that are comparable to a child shouting about a supershield that blocks anything.

That was how the UK version of this law was made to look silly (even though it later passed of course).

An admission of a crime was made, written up, encrypted, and put on a USB(CD maybe) and sent to the Home Secretary. The police were then contacted and informed that the Home Secretary has, in his possession, an admission of a crime that requires a custodial sentence.
Technically, that he never had the keys to unlock it was irrelevant. He had an item that was an admission of a crime, he was duty bound to hand it over and unlock it, even though there's no way on earth he could. But the way the law was written, he was the one in trouble.

If this is allowed to stand, we now have the way for someone/anyone to send you an encrypted file (email/cookies), that will then get you found in contempt of court as you are unable to prove you can't unlock it.

They had evidence and testimony that he had downloaded and viewed the material and also that he had transfered it to the encrypted storage. They just didn't have access to the encrypted storage to show what was still there. The defendant made no effort to refute any of that which is why producing the password is considered non-testimonial.

This amounts to "We know you're guilty even though we can't prove it so we're not going to bother with proof", and worse, they're using that to apply a potentially unlimited sentence.

Well, the forensic analysis of his laptop (whose encryption the authorities managed to break themselves) showed that he visited known child exploitation sites and downloaded "thousands of files with the same hash values as known child pornography files." (quote from TFA). The downloaded files weren't on the laptop, so they're assumed to be on the encrypted external drives. Also from TFA: "Authorities in Delaware investigating the case already had a sense of the contents of the drives because, according to c

If they need it... tough! (or at least it should be) - because they can't prove he hasn't genuinely forgotten the password.

If they don't need it, the contempt charge is a disgusting act by the legal system to ignore its internal checks and balances. Just finish the trial with the evidence you have, get the conviction, and apply an appropriate sentence.

While I have less than zero sympathy for child pornographers, what about the 5th amendment? I thought it was to EXPLICITLY prevent the courts from obliging you to give information that may incriminate you.

Also isn't the onus on the court to prove you're definately guilty before punishing you? I think its more than reasonable that someone could honestly forget their password, especially in a stressful situation such as a trial.

I think you mean "like a combination to a safe". Passwords aren't like physical keys—they're something you know, not something you have. And unlike physical keys, which can be seized with a warrant, there is no precedent for requiring a suspect to divulge the code to a combination lock.

the fifth amendment is so the cops can't torture you to force you to confess like used to happen in Europe around the time it was written. I read an interesting book one time how they used to put you on the rack and break your bones until you confessed or they were sure you really didn't do it.

the concept that the police can collect evidence and you have to give up evidence of your guilt has been around for a long time cause justice trumps your right to break the law

This is a case of secured evidence, not self-incrimination. If you have a locked safe that you won't give the combo to, they have the legal authority to break into your safe (and not compensate you for it), this is just an issue of where they are authorized to use force, but don't have sufficient force. (and this does indeed piss off the law / govt when it happens, they fancy themselves omnipotent and take enormous offense when proven otherwise)

The Courts (and Law Enforcement) have gotten really lazy, and it's confusing to me why they don't see it.

During the San Bernardino iPhone stuff and other such stories, there were so many 'seemingly intelligent' people saying how encryption shouldn't be allowed because it made law enforcement difficult. Since when has it been easy? Wearing gloves makes it hard to pickup fingerprints. Should you outlaw gloves as well? However, these people are saying, "You should be forced to live in a way that makes it simple for us to track you all the time." "Papers Please!"*

Two statements:"As more and more people are using encryption these days it's much more difficult for us to obtain evidence." - legitimate"As it impedes our abilities to gather evidence encryption in consumer devices should be restricted or should include a law enforcement backdoor." - completely not legitimate

*(Actually with the 'papers please' that's more about proving you're allowed to be there, rather than checking to see if you shouldn't be there. So it really doesn't apply to the situation.)

Well the password itself isn't incriminating. Its just a string of gibberish characters. So he can be compelled to provide it. Now what it unlocks may be incriminating. But since the password is a key to a door and the evidence is on the other side of the door the key and the evidence are not the same thing. That line of separation means that the 5th doesn't apply to passwords.

And when a judge orders you to do something in a trial, such as provide a password to your drive, and you decline, that's contemp

So you're telling me that the Judge has power to order you to do literally anything during a trial? such as stick a knife in yourself or someone else? and if you refuse you are now in contempt and can go to prison for ever?

Well they are limited by the law. For the most part they can only order stuff that relates to the matter at hand. And the power to actually enforce their orders is in the hands of the executive branch, people who do not work for or answer to the judges. This is intentional, and for this very reason. This is also what the appeals process is for. A higher court can always throw out some crazy ruling by a lower court. But basically, yes. This is why appointments to federal judge positions are kind of a big dea

a) Forensics had already proven that he had downloaded and viewed material and then transfered it to the encrypted storage and the defendant did not deny any of that, so the defendant is already incriminated.

b) Being jailed for contempt is not punishment for the crime, it's a sanction for refusing to follow the court order to supply the password. It's not even considered a punishment per se so "cruel and unusual punishment" arguements, like against the solitary confinement here, are hard to make.

It has been established that you can't be forced to turn over the numbers to your combination lock while you can be compelled to provide the physical key if you have it. The problem is that in cryptography, we call it a key but we mean combination lock, the judges here ruled a cryptographic "key" is something similar to a physical key, a piece of code/hardware you can give them to unlock your "safe" while it's actually a combination lock.

I agree, it's contempt of court. As well it should be, since the court is contemptible. The right against self-incrimination is absolute - you don't have to testify against yourself, you don't have to unlock that (combination) safe, you don't have to decrypt files. You have the right to remain silent.

That is, unless it's the physical key to a safe, or some hardware encryption key. That's physical, and subject to seizure. But a combination or encryption password is a product of the mind, and forcing it out is forcing self-incrimination.

Sure, law enforcement has a right, with the proper warrant, to break into the safe or attempt to decrypt the contents themselves, but failing that, they're simply SOL.

Although the SCOTUS agrees with you, there hasn't been any legally binding decision made surrounding these issues, lower courts have typically established that providing some assistance to your own conviction is acceptable.

The 'true' solution would be to create a password/passphrase that requires you to actively participate with your mind. Eg. - I can only unlock this password by doing some sort of obstacle course with each stop providing me parts of the passwords.

Seems like encryption systems need to have two passwords; one that decrypts the volume and another that wipes the keys and images a fresh filesystem. When they compel you to enter your password, you enter the "destroy code."

Sure, you could be charged with tampering with evidence if they realized what you'd done. But maybe that would be preferable to indefinite incarceration for contempt of court.

This is very hardware dependent. Plenty of systems out there that require a passkey to unlock but nuke themselves with a few bad tries. They are not clonable (unless you're the NSA and even then some go to lengths to prevent chip lapping and other methods from working). In essence it's a small computer that you can not practically copy with a hardened interface that stores the actual decryption keys.

Seems like encryption systems need to have two passwords; one that decrypts the volume and another that wipes the keys and images a fresh filesystem. When they compel you to enter your password, you enter the "destroy code."

Sure, you could be charged with tampering with evidence if they realized what you'd done. But maybe that would be preferable to indefinite incarceration for contempt of court.

I doubt that would work in this case as I'm sure LEO images the media and tries to decrypt the images.

I doubt that would work in this case as I'm sure LEO images the media and tries to decrypt the images.

You don't wipe the drive itself, you wipe the key stored in the TPM or equivalent (which is tamper-resistant and not easily cloneable). Even with the master password, no one can decrypt the contents of the drive without the active participation of the original TPM. An image of the encrypted drive will not help at all if the TPM can be persuaded to delete the sole copy of the decryption key, for example by providing it with a duress password.

I think a time bomb would be better. An internal clock will count down 1 week, and if no key is given in that time it wipes the decryption key. The courts should be held up long enough to permit this too occur, if not you can reduce the time.

The government has been violating the constitution in spirit and word for so long that nobody seems phased by this sort of nonsense. It sadly gives weight to Trump's phrase "so-called judge": Forcing anyone to incriminate themselves by compelling them to give information in their mind is blatant violation of the 5th amendment. It's upon burden of prosecution to provide evidence BEFORE trial, not compel someone being tried to give evidence during the trial. As has be proven many times, there are a various number of ways investigators can get around encryption with a little planning (the was that guy running the drug trading service from a library I remember, they did it smart and the charged individual was a bit smug/laid back). If you can't prosecute with out that data, it shouldn't have been brought to trial. and if you have proper evidence already, don't need anyone's password. It's creating a culture where proper policework is not done, but prosecution says "to blazes with proper evidence, we'll use circumstantial evidence and wing it in court because it's convenience to try to compel someone being tried to waive their 5th amendment rights. you give us everything we need to prosecute you, or we'll lock you up for contempt charges. That's just wrong. And given the huge data dragnet we already have controlled by the CIA (another unconstitutional program confirmed by the courts). they have other tools (even if unconstitutional less so) for using data in a court case. Putin claims our system is no better than Russia, and if we keep violating our supposedly most precious standards like this, we'll prove him right.

There is precedent for this when the defendant has already decrypted the drive for authorities and then refuses to do so for the court. In that case, the contents are considered a "foregone conclusion" and there is no question that the defendant both acknowledges the encrypted volume and knows the key to decrypt it. This is a reasonable balance against Fifth Amendment protections.

If he has not ever revealed the password to authorities, the Constitution absolutely prohibits this action by the court. A man cannot be compelled to self-incriminate, the court may not presume guilt (innocent until proven guilty), and the court can only establish guilt through due process of law (everything from investigation to conviction) and with equal protection under the law (the law is applied the same way to everyone). This ruling blatantly violates most of these basic rights if the contents of the drive are not a "foregone conclusion."

They can't criminally charge you for not taking the sobriety field test. They can and will take your license away. That's not a criminal process, it's a regulatory one. Different states may have different variations but the song generally remains the same. Driving is legally considered a privilege, not a right. It isn't the same thing.

I agree with your second part. Civil asset forfeiture is a blatantly unconstitutional thing that is constantly abused. It's still not a constitutional action, but the guys with the guns make the rules in the end.

Ruling that it's a "foregone conclusion" is exactly what happened here, but for different reasons.

While the defendant hadn't provided the Mac Pro and hard drive passwords previously, the investigators managed to figure out the password to his Mac Pro and were able to use that access to determine that it had been used to visit child porn sites and download thousands of files that matched the hashes for recognized child porn files. Those files weren't found on the Mac Pro, but the defendant's sister testified "that Doe had shown her hundreds of images of child pornography on the encrypted external hard drives". Between the download history, hash matches, and testimony about the location of the files, the judge ruled that it's a foregone conclusion that the drives contain child porn and that turning over the password is not testimonial in nature as a result.

I'm not sure that I necessarily agree with that assessment (it could be that providing the passwords is still testimonial in nature with regards to crimes they don't know about that his knowledge of the passwords would implicate him of), and the article points out that it's likely this case will go all the way to the Supreme Court.

Why not just subject him to water boarding and other forms of "enhanced interrogation" techniques? At this point, what does it even matter? If we are so willing to break some of the most fundamental rights owned by our society, then what does the rest of it matter? You can argue day and night about whether there is still logic to the 2nd amendment; and lets be real, the logic falters when you exercise that right against a military as heavily funded as in the US. However, the existence of the 5th amendment i

I had a couple of encrypted partitions on my Linux setup that I rarely accessed that became inaccessible after a Linux update. In my case I did remember the password but Linux would not accept it. I eventually reformatted it and restored the data from a backup.

The government's argument is that the passcode itself is not incriminatory. It's the protected contents which may be, and the person is not being asked to directly disclose those. But that ignores that showing the ability to access the files may itself be incriminatory.

Anyway, his passcode is "1Admit1'mGuiltyAsH3ll.", so disclosing it would be self-incrimination.

No the logic is the same as a suspect ordered to unlock a safe/hidden room/car etc. having to do that. If the locked space then contains something illegal it is valid evidence however the suspect isn't being forced to say there are illegal stuff there.

Or to make the comparison even easier: if police have a search warrant they have to be provided access to a location, failure to give that access is in itself a criminal act. Here the police have a search warrant for the disks and aren't given access to them.

Shit. I had to reset my work login password just before going on vacation for a week. Couldn't remember what the heck I had reset it to when I got back, had to ask IT to reset it for me. I can absolutely believe that somebody could have forgotten a password.

In my personal experience, passwords that are > 24 characters, are easily forgettable if unused for a period of time. I struggle with remembering complicated passwords if I haven't used them in over a month. Not sure if it's because they're to complicated or if it's a neurological limit. I also suffer from ADD and have a history of radiation exposure.

That being said, I completely understand how it's possible for someone to forget a password.

I've skimmed the judgment. It's a convoluted case. He asserted his Fifth Amendment rights at some point, but failed to do so again at his contempt of court hearing. When he was held in contempt, he appealed and this time he again asserted his Fifth Amendment privilege. But the court that was hearing his appeal of the contempt of court ruling couldn't weigh its ruling based on the circumstances of his original, criminal case... it could only rule on the civil contempt of court hearing, in which the Fifth Am